Hosted VoIP and Security – Your Concerns Answered

One area of concern to companies contemplating the move to hosted VoIP is security. Now this is something most of us didn’t associate with our phones – whether at home or at work. But with VoIP, security is definitely something you should think about. Media articles abound on security breaches, toll fraud incidents and vulnerabilities in VoIP systems.

However not all providers take security seriously. Some vendors simply make promises while failing to fulfill them. Others will just ignore your concerns and not consider it an issue at all. Before choosing a hosted VoIP vendor, make sure to ask them questions about security, vulnerabilities, monitoring tools and policies etc. Some areas you should check include:

Encryption

The media likes to portray encryption as some sort of silver bullet for security issues. Read any article on data breaches or theft and you’re likely to some across a sentence asking why the data wasn’t encrypted. This reliance on encryption is harmful for a couple of reasons. One is that companies are lulled into a false sense of security. They tend to think they’re safe because their data is encrypted. But there are many ways for attackers to compromise your system.Second is that encryption cannot protect against all the risks. It simply makes your data useless to anyone who steals it. Hackers can still commit toll fraud on your network or bring down your servers and cause havoc. Imagine spending a few days without your phones!

Encryption is not a magical solution that closes all vulnerabilities. It is simply the first step in securing your network and data against intruders. It is also is difficult to add later, you cannot just turn it on and off when you like. So find out from the vendor if they encrypt data on their network, how it is implemented, who can decrypt it and so on. Once you sign the contract, it’s too late!

Authentication Controls

Suppose your data is encrypted at all points – at rest and during transit across various networks. You think your voice data is safe but the thing is, unauthorised users can still steal it. Imagine if one of your devices or user accounts still had the default password. Attackers can simply log into your network and place fraudulent calls worth thousands of dollars which you’re on the hook for. There is no encryption method that can protect your data once the intruder is inside the system or while posing as a legitimate user.

What can you do about it? Make sure all your employees understand passwords and authentication controls. No device on the network should still have the default password it was shipped with. Users should also change their passwords regularly and not share it with friends, family or even colleagues. These are basic steps you should take to protect your phones.

Security Updates and Patches

No device or software is guaranteed to be bug free at launch or even afterwards. One common way for hackers to get into your voice network is through vulnerabilities or loopholes in outdated equipment or applications. Older versions of device drivers or apps often have bugs that can be exploited. Manufacturers generally release bug fixes and security updates to close them.

This is yet another step you can take for your protection. Make sure all the devices on your network are updated with the latest patches regularly. It applies to everything, not just VoIP specific hardware. For example, malware or viruses on your computers can be used to compromise the VoIP phones or steal account credentials. Keyloggers installed via insecure USB drives can steal passwords when employees use softphones. Any device – whether server equipment or personal mobile phones – can be the source of an attack on your network.

Regular and Constant Monitoring

Real time monitoring is an important aspect of hosted VoIP security. Many companies don’t know they’ve been breached or attacked until it is too late to do anything. Monitoring is one way to counter that. Ask your vendor about tools and applications they offer for monitoring your network. There may even be software available from other vendors that you can buy.

With effective monitoring and reporting tools, you can detect an intrusion as soon as it occurs. It’s useful for both security and to ensure the network is performing as it should.

One of the positive aspects of using hosted VoIP is that you’re entrusting the security of your phone to someone with proven expertise in that area. Most small and medium businesses lack the resources to hire IT security experts. Instead of starting from scratch and hiring in house security experts, you can just rely on the vendor for securing the phones. But remember that you have a role to play in protecting your communication network as well.

Leave a Reply

Your email address will not be published. Required fields are marked *

Your name*

Your email*

Comment goes here...*

No comments

Related Posts

The Magic of WebRTC with VoIP – Where Does it Lead?

Businesses looking to switch to VoIP have two options to choose from. You can purchase hosted VoIP services from a vendor, freeing your company from maintenance, repairs, upgrades etc. Or you can set up your own on-premise SIP trunking solution that gives you complete control over each little setting. There have been countless debates on…

Privacy – Do VoIP Providers Listen to your Calls?

Privacy and security issues tend to dominate the headlines these days. Most consumers and even enterprises are concerned about who has their data and how it is being used. After the recent revelations about the widespread surveillance of the US government on its own citizens, people are sitting up and taking notice. Gone are the…

Have you Set Up VoIP Emergency Services?

VoIP phones are a considerable improvement over traditional landlines. The new technology is relatively inexpensive and offers more features. From a user perspective, the experience doesn’t change much. Making and receiving calls on VoIP phones works similar to landlines. You can also get features that were not possible with PSTN lines such as video conferencing,…

Recent blog posts

The Magic of WebRTC with VoIP – Where Does it Lead?

Businesses looking to switch to VoIP have two options to choose from. You can purchase hosted VoIP services from a vendor, freeing your company from maintenance, repairs, upgrades etc. Or you can set up your own on-premise SIP trunking solution that gives you complete control over each little setting. There have been countless debates on…

Privacy – Do VoIP Providers Listen to your Calls?

Privacy and security issues tend to dominate the headlines these days. Most consumers and even enterprises are concerned about who has their data and how it is being used. After the recent revelations about the widespread surveillance of the US government on its own citizens, people are sitting up and taking notice. Gone are the…

Have you Set Up VoIP Emergency Services?

VoIP phones are a considerable improvement over traditional landlines. The new technology is relatively inexpensive and offers more features. From a user perspective, the experience doesn’t change much. Making and receiving calls on VoIP phones works similar to landlines. You can also get features that were not possible with PSTN lines such as video conferencing,…

30-day free trial

You can take a 30-day FREE trial of VoIPstudio with absolutely no obligations. A simple web-based portal gives you total control over all your telephony requirements. Ready to take your business to new heights?